Hello R,
Thursday, March 10, 2005, 12:28:51 AM, you wrote:
RM From: Alana Craig [EMAIL PROTECTED]
RM Subject: Updating my address book
I would like to include your contact information in an address book I am
creating for myself. Please enter your particulars using the link you see
below:
Hello Matthew,
Thursday, March 10, 2005, 6:19:48 AM, you wrote:
MN I've put together the following rule to try and catch the
MN read-downwards type spam shown below. Could someone with a decent
MN size corpus check it for me please? :-) (or if you see any obvious
MN errors or improvements; it
Robert Menschel wrote:
And that leads to the second question: what's the best way for an end
user to obtain/verify SPF records? I have all the capabilities of XP
(shudder) and Cygwin readily available, and can get Linux command-line
capabilities via SSH to SARE's server, I believe.
Whatever your
Robert Menschel wrote:
Hello Daryl,
Thursday, March 10, 2005, 5:51:26 PM, you wrote:
DCWOS Whatever your favourite way of retrieving DNS records is, will work.
DCWOS On Windows you could use nslookup, at a command prompt: ...
Thanks. That's a good start. Now, how will I know when a domain has
an
I have a fix for that
score RCVD_IN_BSP_TRUSTED 0
I don't give big negative points to anyone. To each his own though.
-Original Message-
From: Robert Menschel [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 10, 2005 8:29 PM
To: R McGlue
Cc: [EMAIL PROTECTED]
Subject: Re:
Hello all
Our Mailclient handles * in filter rules as wildcards. Now I tried to
change the subject tagging to # (as I have seen it at other
spamassassins-results) but this is the comment character (-- --lint
fails). Experimenting with escaping resulted in \\#SPAM\\# (using
\#SPAM\# in local.cf)
how much will the following imbalance skew the bayes algorithms (if at all)
bash-2.03$ sa-learn --dump magic
0.000 0 3 0 non-token data: bayes db version
0.000 0 54265 0 non-token data: nspam
0.000 0 206342 0 non-token
I'm tyring to use a global bayes database... but when user's try to
feed it spam a nd ham with sa-learn it does the following... right now
I even have the bayes directory set 777 just to debug.. what am I
doing wrong?
debug: Score set 0 chosen.
debug: running in taint mode? yes
debug: Running in
Greetings:
If we disable network tests by using --local in our start up of spamd,
spam assassin averages 0.1 to 0.3 seconds per email to process its rules.
If we enable network tests, then spam assassin averages 11 to 15 seconds
per email to process its rules.
Of all the network tests, we find
Hi!
If we disable network tests by using --local in our start up of spamd, spam
assassin averages 0.1 to 0.3 seconds per email to process its rules.
If we enable network tests, then spam assassin averages 11 to 15 seconds per
email to process its rules.
Of all the network tests, we find SURBL
Greetings:
While it has never been pleasant, we regularly review spam including the
HTML source code behind the spam to help us adjust our system-wide spam
tagging rules.
We've noticed a lot of sick porn spam being left untagged.
The tests that raised the score, though not high enough were as
On Friday, March 11, 2005, 6:01:58 AM, DNI Department wrote:
However, I did notice in the HTML source code a common theme:
IMG
src=http://yamanekohm.com/9d70188c4e7971b6d3b1e2fa8/Nf3KZuBf0T/file_name;
alt=rundowns border=0BR
IMG
Greetings Jeff:
These are live examples; but it appears the porn spam all follow the same
hex (?) directory structure after the domain name.
Hence, wanting a pattern for that purpose.
Thank you.
At 09:15 AM 3/11/2005, you wrote:
On Friday, March 11, 2005, 6:01:58 AM, DNI Department wrote:
On Friday, March 11, 2005, 6:17:21 AM, DNI Department wrote:
Greetings Jeff:
These are live examples; but it appears the porn spam all follow the same
hex (?) directory structure after the domain name.
Hence, wanting a pattern for that purpose.
I'll let others comment on expressions.
How
On Friday 11 March 2005 14:17, DNI Support Department typed:
Greetings Jeff:
These are live examples; but it appears the porn spam all follow the same
hex (?) directory structure after the domain name.
Hence, wanting a pattern for that purpose.
IMG
At 06:40 AM 3/11/2005, R McGlue wrote:
how much will the following imbalance skew the bayes algorithms (if at all)
Very little.. It will bias the scores very slightly towards higher bayes
scores, but the chi-squared combining tends to make this effect not very
noticeable unless the training
I believe that this domain is in fact legitimate and the messages in
question are *not* spam. My little sister signed up for it and I got
this crap in my inbox as result.
Basically she signed up, and puts in a list of everyone who's email
address she knows. Birthdayalarms sends out a message to
On Mar 11, 2005, at 8:57 AM, DNI Support Department wrote:
Is there a way to enable network tests for just SURBL (we have a
local, kept up to date with rsync, copy)?
in your preferences file,
skip_rbl_checks 1
will turn off the RBL checks but leave SURBL checks on.
Vivek Khera, Ph.D.
On Friday, March 11, 2005, 7:48:26 AM, Vivek Khera wrote:
On Mar 11, 2005, at 8:57 AM, DNI Support Department wrote:
Is there a way to enable network tests for just SURBL (we have a
local, kept up to date with rsync, copy)?
in your preferences file,
skip_rbl_checks 1
will turn off the
On Friday, March 11, 2005, 7:51:45 AM, Jeff Chan wrote:
On Friday, March 11, 2005, 7:48:26 AM, Vivek Khera wrote:
in your preferences file,
skip_rbl_checks 1
will turn off the RBL checks but leave SURBL checks on.
Vivek Khera, Ph.D.
+1-301-869-4449 x806
Hmm, but is that a good thing or
Hello all,
Let me start out by saying I've been searching for a couple of days on the
web on this subject but to no avail, so I would appreciate any help.
I have been using SA for more than a year and right now I'm running 3.0.1
on linux (bayes corpus size: nspam = 19482, nham = 3249). My filter
DNI Support Department wrote:
Is there a way to enable network tests for just SURBL (we have a local,
kept up to date with rsync, copy)?
One possible problem with doing this is that it will switch you to the
network score sets giving you lower scores for other tests. Without the
other network
On Friday, March 11, 2005, 9:34:15 AM, Stuart Johnston wrote:
DNI Support Department wrote:
Is there a way to enable network tests for just SURBL (we have a local,
kept up to date with rsync, copy)?
One possible problem with doing this is that it will switch you to the
network score sets
Greetings:
SURBL does not appear to work with network tests totally disabled (i.e.
using --local in the spamd startup).
No network tests:
0.1 to 0.6 seconds to score emails as spam or ham
Approximately 90% accuracy on tagging spam correctly
Approximately 2% false
Are you running a caching name server locally on the machine? This helps
alot in reducing the DNS traffic for RBLs and URI RBL's.
I normally process emails in under 2 seconds using couple of RBL's,
pyzor and all of the subl.org URI lookups.
--
Martin Hepworth
Snr Systems Administrator
Solid
On Friday, March 11, 2005, 9:57:45 AM, Martin Hepworth wrote:
Are you running a caching name server locally on the machine? This helps
alot in reducing the DNS traffic for RBLs and URI RBL's.
I normally process emails in under 2 seconds using couple of RBL's,
pyzor and all of the subl.org
On Friday, March 11, 2005, 9:53:19 AM, DNI Department wrote:
Greetings:
SURBL does not appear to work with network tests totally disabled (i.e.
using --local in the spamd startup).
It may be worth noting that disabling network tests at the
command line with --local and skip_rbl_checks 1
...
Greetings:
While it has never been pleasant, we regularly review spam including the
HTML source code behind the spam to help us adjust our system-wide spam
tagging rules.
We've noticed a lot of sick porn spam being left untagged.
The tests that raised the score, though not high enough
Hi everyone-
I've been using SpamAssassin on another mail server for about a year.
I've installed the new SpamAssassin version on naother mail server, and will
be testing this weekend.
I've got what I believe is a correct local.cf file set up, but want to make
sure with all the new syntax and
[EMAIL PROTECTED] wrote:
My problem is this: I'm using squirrelmail,
As your only email access?
and to keep an eye on false negatives (I define those as real mails
that get shuttled to spam, just to keep things clear) I have a 'spam'
folder. As anyone that uses sqmail knows, it gets very
At 01:27 PM 3/11/2005, jimsheffer wrote:
Does anything here stand out as wrong?
dns_available test: domain1.tld domain2.tld domain3.tld
I do hope that just modified the actual values and you don't literally have
domain1.tld in there..
Other than that, it looks fine, but rather than ask us, why
Hi.
Wen I report spam via spamassassin (3.0.2) I get this error or warning
message:
% spamassassin -D -r --mbox spam
[...]
Insecure dependency in connect while running with -T switch at
/usr/lib/perl5/5.8.0/i386-linux-thread-multi/IO/Socket.pm line 114.
I can read that the reports to dcc, pyzor
As your only email access?
pretty much, yes.
g Try several thousand, as a number of customers have reported to
me...
oh, I've been there - I'm just trying to avoid going there again. :)
Mmm. Dangerous - I've seen FPs get autolearned as spam once or twice.
:(
I realize that. With my
Greetings Martin:
We have rbldnsd running of a private IP with BIND/DNS forwarding calls to
the various SURBL lists to that name server. We are approved to rsync the
data from surbl; and that's been working well.
Our primary mail server is on a physical server running several network
On 3/9/2005 1:38 PM, Eric A. Hall wrote:
I think the four affected rules are RCVD_HELO_IP_MISMATCH,
RCVD_NUMERIC_HELO, RCVD_ILLEGAL_IP, RCVD_BY_IP
Extending the problem report--it seems that these rules don't fire in some
instances. I haven't really checked this out yet, but addresses with a
Kris, thanks for your help and insight. From what I can see, the settings
are in PerMsgStatus.pm, line 308/309 (my version of course).
my $required_body_points = 3;
my $required_head_points = 3;
I'll try changing those around, and update my status to this list in a while.
Again, thanks!
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Eric A. Hall writes:
On 3/9/2005 1:38 PM, Eric A. Hall wrote:
I think the four affected rules are RCVD_HELO_IP_MISMATCH,
RCVD_NUMERIC_HELO, RCVD_ILLEGAL_IP, RCVD_BY_IP
Extending the problem report--it seems that these rules don't fire in
On Fri, Mar 11, 2005 at 03:25:06PM -0500, Eric A. Hall wrote:
Extending the problem report--it seems that these rules don't fire in some
instances. I haven't really checked this out yet, but addresses with a
leading octet of 111, 123, and some others at or below ~130 seem to get
skipped
On 3/11/2005 3:42 PM, Theo Van Dinter wrote:
On Fri, Mar 11, 2005 at 03:25:06PM -0500, Eric A. Hall wrote:
Extending the problem report--it seems that these rules don't fire in
some instances. I haven't really checked this out yet, but addresses
with a leading octet of 111, 123, and some
39 matches
Mail list logo